How to set the cross domain policy with embedded jetty ? RESTserver

Question

I would like to know the way to set the cross domain policy, is that with filters or with the web.xml? How can I add it ? I'm using jetty and jersey.

Here's my main

   public static void main(String[] args) throws Exception {

     Server server = new Server(8080);
     ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
     context.setContextPath("/");
     context.addServlet(org.eclipse.jetty.servlet.DefaultServlet.class, "/");
     context.setResourceBase(".");
     server.setHandler(context);

     ServletHolder jerseyServlet = context.addServlet(org.glassfish.jersey.servlet.ServletContainer.class, "/*");
     jerseyServlet.setInitOrder(0);

     jerseyServlet.setInitParameter("jersey.config.server.provider.packages", "my.package.rest");
     server.start();
     server.join();    
  }

my web.xml

<web-app>
<filter>
    <filter-name>cross-origin</filter-name>
    <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>cross-origin</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Did I miss something ?

Answer 1

Same idea, but different approach. Create a ContainerResponseFilter with the following code to put headers for all your jax-rs web services at once:

@Provider
public class HeadersReponseFilter implements ContainerResponseFilter {

    @Override
    public void filter(ContainerRequestContext request, ContainerResponseContext response) {

        response.getHeaders().putSingle("Access-Control-Allow-Origin", "*");
        response.getHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
    }    
}

And the following configuration on your web.xml:

<servlet-mapping>
    <servlet-name>Jersey REST Service</servlet-name>
    <url-pattern>*</url-pattern>
</servlet-mapping>
<servlet>
    <servlet-name>Jersey REST Service</servlet-name>
    <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>        
    <!-- Register resources and providers under com.vogella.jersey.first package. -->
    <init-param>
        <param-name>jersey.config.server.provider.packages</param-name>
        <param-value>your.webservices.package</param-value>
    </init-param>
    <init-param>
        <param-name>com.sun.jersey.spi.container.ContainerResponseFilters</param-name>
        <param-value>your.webservices.package.HeadersReponseFilter</param-value>
    </init-param>
    <async-supported>true</async-supported>
</servlet>

Cheers. :)

Answer 2

Actually I just found the answer looking at this I found that we just have to add the server "Response" an header attribute that way :

@GET
@Path("sin")
@Produces(MediaType.TEXT_PLAIN)
public Response hello() {
    String var = "[0.0, 0.0]";      
    return Response.ok().entity(var)
            .header("Access-Control-Allow-Origin", "*")
            .header("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT")
            .allow("OPTIONS").build();
}

I think that way is working also for JSON or others.

Hope that helps.